Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2003-2018 Tenable Network Security, Inc.WU_FTPD_GLOB.NASL
HistoryMar 09, 2003 - 12:00 a.m.

WU-FTPD Unspecified Security Issue

2003-03-0900:00:00
This script is Copyright (C) 2003-2018 Tenable Network Security, Inc.
www.tenable.com
11

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.6%

JSON

The version of WU-FTPD running on the remote host has an unspecified remote vulnerability. This is reportedly due to an unspecified bug in glob.c discovered by the SuSE security team.

Nessus verified this vulnerability by looking at the banner of the remote FTP server.

#
# (C) Tenable Network Security, Inc.
#


include("compat.inc");


if(description)
{
 script_id(11332);
 script_version ("1.17");
 script_cve_id("CVE-2001-0935");
 
 script_name(english:"WU-FTPD Unspecified Security Issue");
 script_summary(english:"Checks the remote FTPd version");

 script_set_attribute(attribute:"synopsis", value:
"The remote FTP server has an unspecified remote vulnerability." );
 script_set_attribute( attribute:"description",  value:
"The version of WU-FTPD running on the remote host has an unspecified
remote vulnerability. This is reportedly due to an unspecified bug in
glob.c discovered by the SuSE security team.

Nessus verified this vulnerability by looking at the banner
of the remote FTP server." );
 script_set_attribute(
   attribute:"solution", 
   value:"Upgrade to WU-FTPD version 2.6.1 or later."
 );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
 script_set_attribute(attribute:"plugin_publication_date", value: "2003/03/09");
 script_set_attribute(attribute:"vuln_publication_date", value: "2001/11/28");
 script_cvs_date("Date: 2018/08/15 16:35:43");
 script_set_attribute(attribute:"potential_vulnerability", value:"true");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_set_attribute(attribute:"cpe",value:"cpe:/a:washington_university:wu-ftpd");
 script_end_attributes();
     
 script_category(ACT_GATHER_INFO);
 script_family(english:"FTP");
 
 script_copyright(english:"This script is Copyright (C) 2003-2018 Tenable Network Security, Inc.");
		  
 script_dependencie("ftpserver_detect_type_nd_version.nasl");
 script_require_keys("ftp/login", "ftp/wuftpd", "Settings/ParanoidReport");
 script_require_ports("Services/ftp", 21);
 exit(0);
}

#
# The script code starts here : 
#
include("ftp_func.inc");
include("global_settings.inc");
include("audit.inc");

if (report_paranoia < 2) audit(AUDIT_PARANOID);

port = get_ftp_port(default: 21);


banner = get_ftp_banner(port: port);
if (! banner) exit(1);
if(egrep(pattern:".*(wu|wuftpd)-(1\..*|2\.[0-5]\.|2\.6\.0).*", string:banner))
  security_hole(port);
VendorProductVersionCPE
washington_universitywu-ftpdcpe:/a:washington_university:wu-ftpd

Related

cvelist 1
suse 1
redhatcve 1
cve 1
nvd 1
cvelist
cvelist
CVE-2001-0935
2002-02-02 05:00:00
suse
suse
remote root compromise in wuftpd
2001-11-28 22:54:50
redhatcve
redhatcve
CVE-2001-0935
2015-10-30 09:55:12
cve
cve
CVE-2001-0935
2002-02-02 05:00:00
nvd
nvd
CVE-2001-0935
2001-11-28 05:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.6%

JSON
Related for WU_FTPD_GLOB.NASL
cvelist1suse1redhatcve1cve1nvd1